<?php

class UserController extends Controller
{
	/**
	 * @var string the default layout for the views. Defaults to '//layouts/column2', meaning
	 * using two-column layout. See 'protected/views/layouts/column2.php'.
	 */
	public $layout='//layouts/column2';

	/**
	 * @var CActiveRecord the currently loaded data model instance.
	 */
	private $_model;

	/**
	 * @return array action filters
	 */
	public function filters()
	{
		return array(
			'accessControl', // perform access control for CRUD operations
		);
	}

	/**
	 * Specifies the access control rules.
	 * This method is used by the 'accessControl' filter.
	 * @return array access control rules
	 */
	public function accessRules()
	{
		return array(
			array('allow',  // allow all users to perform 'index' and 'view' actions
				'actions'=>array('create','view','member'),
				'users'=>array('*'),//? todos,* autenticados
			),
			array('allow',  // allow all users to perform 'index' and 'view' actions
				'actions'=>array('index','update','profile'),
				'users'=>array('@'),//? todos,* autenticados
			),
			array('allow', // allow admin user to perform 'admin' and 'delete' actions
				'actions'=>array('delete','admin'),
				'users'=>array('demo'),
			),
			//array('allow', 
			//	'actions'=>array(),
			//	'users'=>array('*'),
			//),
			array('deny',  // deny all users
				'users'=>array('*'),
			),
		);
	}

	/**
	 * Displays a particular model.
	 */
	public function actionView()
	{
		$this->render('view',array(
			'model'=>$this->loadModel(),
		));
	}

	public function actionProfile()
	{
		$this->render('profile',array(
			'model'=>$this->loadModel(),
                        'command' => tbl_galeria::model()->findImg($_GET['id']),
		));
	}

	/**
	 * Creates a new model.
	 * If creation is successful, the browser will be redirected to the 'view' page.
	 */
	public function actionCreate()
	{
		$model=new User;

		// Uncomment the following line if AJAX validation is needed
		// $this->performAjaxValidation($model);

		if(isset($_POST['User']))
		{       // autenticando com md5 antes de grava
                        $salt = User::model()->generateSalt();
                        $_POST['User']['password'] = User::model()->hashPassword($_POST['User']['password'],$salt);
                        $_POST['User']['salt'] = $salt;
                        $_POST['User']['party'] = MenuAdmin::NOT_MEMBER;
			$model->attributes=$_POST['User'];

                        $model->img=CUploadedFile::getInstance($model,'img');
    
			if($model->save()){
                            $model->img->saveAs(Yii::app()->basePath.'/../images/'.$model->img);
                            $this->redirect(array('view','id'=>$model->id));
                        }
				
		}

		$this->render('create',array(
			'model'=>$model,
		));
	}

	/**
	 * Updates a particular model.
	 * If update is successful, the browser will be redirected to the 'view' page.
	 */
	public function actionUpdate()
	{
              // se for admin carrega qlqer 1
              // senao somente o seu
              if(MenuAdmin::getAdmin(Yii::app()->user->name))                     
                $model=$this->loadModel();
              else
		$model = User::model()->findbyPk(Yii::app()->user->id);

		if(isset($_POST['User']))
		{    
                      if($_POST['User']['password']<>''){
                        $salt = User::model()->generateSalt();
                        $_POST['User']['password'] = User::model()->hashPassword($_POST['User']['password'],$salt);
                        $_POST['User']['salt'] = $salt;
                      }else
                        $_POST['User']['password'] = $model->password;
                          
                        $_POST['User']['party'] = (MenuAdmin::getAdmin(Yii::app()->user->name)) ? $_POST['User']['party'] :$model->party;                         

                        $_POST['User']['img'] = (MenuAdmin::getAdmin(Yii::app()->user->name)) ? CUploadedFile::getInstance($model,'img'): $model->img;
                        
                        $model->attributes=$_POST['User'];

			if($model->save()){ 
			    (MenuAdmin::getAdmin(Yii::app()->user->name)) ? $model->img->saveAs(Yii::app()->basePath.'/../images/'.$model->img):null;	
                             $this->redirect(array('view','id'=>$model->id));                                      
                        }        
		}
                
                $model->password = '';
		$this->render('update',array(
			'model'=>$model,
		));
	}

	/**
	 * Deletes a particular model.
	 * If deletion is successful, the browser will be redirected to the 'index' page.
	 */
	public function actionDelete()
	{
		if(Yii::app()->request->isPostRequest)
		{
                        $model=User::model()->findbyPk($_GET['id']);
                        unlink(Yii::app()->basePath.'/../images/'.$model->img);
			// we only allow deletion via POST request
			$this->loadModel()->delete();

			// if AJAX request (triggered by deletion via admin grid view), we should not redirect the browser
			if(!isset($_GET['ajax']))
				$this->redirect(array('index'));
		}
		else
			throw new CHttpException(400,'Invalid request. Please do not repeat this request again.');
	}

	/**
	 * Lists all models.
	 */
	public function actionIndex()
	{

                $menu_users = User::model()->loadUsersMenu();
                
		$dataProvider=new CActiveDataProvider('User');
		$this->render('index',array(
			'dataProvider'=>$dataProvider,
                        'menu_users'=>$menu_users,
		));
	}

        
	public function actionMember()
	{
		$this->render('member',array(
			'users'=>User::model()->loadUsers(),
		));
	}        
        
        
	/**
	 * Manages all models.
	 */
	public function actionAdmin()
	{
		$model=new User('search');
		$model->unsetAttributes();  // clear any default values
		if(isset($_GET['User']))
			$model->attributes=$_GET['User'];

		$this->render('admin',array(
			'model'=>$model,
		));
	}

	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 */
	public function loadModel()
	{
		if($this->_model===null)
		{
			if(isset($_GET['id']))
				$this->_model=User::model()->findbyPk($_GET['id']);
			if($this->_model===null)
				throw new CHttpException(404,'The requested page does not exist.');
		}
		return $this->_model;
	}

	/**
	 * Performs the AJAX validation.
	 * @param CModel the model to be validated
	 */
	protected function performAjaxValidation($model)
	{
		if(isset($_POST['ajax']) && $_POST['ajax']==='tbl-user-form')
		{
			echo CActiveForm::validate($model);
			Yii::app()->end();
		}
	}
}
